JP2012212468A - Secure instant messaging - Google Patents


Info

Publication number
JP2012212468A
Authority
JP
Japan
Prior art keywords
messaging device
peer
encrypted
messaging
communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
JP2012157246A
Other languages
Japanese (ja)
Other versions
JP5896850B2 (en
Inventor
Schwartz Eyal
S Holmes John
S Ford Peter
シュワルツ,エヤル
フォード,ピーター・エス
ホルメス,ジョン・エス
Original Assignee
Microsoft Corp
マイクロソフト コーポレーション
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to US11/172,425 priority Critical
Priority to US11/172,425 priority patent/US7949138B2/en
Application filed by Microsoft Corp, マイクロソフト コーポレーション filed Critical Microsoft Corp
Publication of JP2012212468A publication Critical patent/JP2012212468A/en
Application granted granted Critical
Publication of JP5896850B2 publication Critical patent/JP5896850B2/en
Application status is Active legal-status Critical
Anticipated expiration legal-status Critical

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00Arrangements for user-to-user messaging in packet-switching networks, e.g. e-mail or instant messages
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L63/0869Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network for achieving mutual authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/603Digital right management [DRM]

Abstract

Secure instant messaging is described.
In one embodiment, a messaging device encrypts an application identifier to generate an encrypted application message and communicates the encrypted application message to a receiving messaging device over a peer-to-peer communication link. The receiving messaging device decrypts the encrypted application message, encrypts the application identifier as a response application identifier, and generates an encrypted application response. The messaging device receives the encrypted application response from the receiving messaging device, decrypts the encrypted application response, verifies that the response application identifier matches the application identifier, establishes that communication over the peer-to-peer communication link is secure, and optionally establishes a control policy for the communication received at the receiving messaging device.
[Selection] Figure 1

Description

  Instant messaging is becoming increasingly popular because users can communicate in real time via instant messaging using various devices such as computers, wireless phones, media devices, and the like. Instant messaging allows two or more users to exchange messages over a communications network during an instant messaging session. When two users are online at the same time, instant messages can be exchanged between these two users in real time through their messaging-enabled devices. Instant messaging is a text conversation between two users, but with instant messaging, messages are exchanged immediately, making it feel as if the user is participating in a typical spoken conversation.

  Real-time instant messaging communication between two (or more) messaging-enabled devices can be achieved through a direct peer-to-peer communication link between the two messaging-enabled devices. In an alternative system, instant message communication may be routed from the client device to the server and then to the receiving client device, in which case the client-to-server and server-to-client communication can be secured. However, peer-to-peer instant messaging conversations are not reliable, and there is no way to verify that a user participating in the instant messaging session is actually who they represent themselves to be. As a result, instant messaging participants may be deceived and/or have their data tampered with.

  This summary is provided to simplify and introduce a secure instant messaging concept that is further described in the detailed description below. This summary is not intended to identify essential features of the claimed subject matter, nor is it intended to be used to determine the scope of the claimed subject matter.

  In one embodiment of secure instant messaging, the messaging device encrypts the application identifier, generates an encrypted application message, and communicates the encrypted application message to the receiving messaging device over a peer-to-peer communication link. The receiving messaging device decrypts the encrypted application message, encrypts the application identifier as a response application identifier, and generates an encrypted application response. The messaging device receives the encrypted application response from the receiving messaging device, decrypts the encrypted application response, verifies that the response application identifier matches the application identifier, and establishes that communication is secure when communicated over the peer-to-peer communication link.

  In another embodiment of secure instant messaging, the messaging device establishes a peer-to-peer communication link for real-time transmission of secure communications with the receiving messaging device, and establishes that encrypted communication is secure when communicated with the receiving messaging device over the peer-to-peer communication link. The messaging device then encrypts the communication and generates an encrypted communication that includes a control policy that restricts the use of the communication when received and decrypted at the receiving messaging device. The control policy can specify the extent to which the receiving messaging device, or a user at the receiving messaging device, can maintain the communication for future reference, use the communication, and/or distribute the communication after it is decrypted. The control policy can also exclude the distribution of the communication together with any additional data associated with the communication.

FIG. 1 shows an example of a messaging system that can implement a secure instant messaging embodiment.
FIG. 2 shows another example of a messaging system that can implement a secure instant messaging embodiment and includes the components of the messaging system shown in FIG.
FIG. 3 shows another example of a messaging system that can implement a secure instant messaging embodiment and includes the components of the messaging system shown in FIGS.
FIG. 4A shows an example of a secure instant messaging method.
FIG. 4B shows an example of a secure instant messaging method.
FIG. 5 shows another example of a secure instant messaging method.
FIG. 6 illustrates various components of an example computing device that can be implemented as any one or more of the messaging devices shown in FIGS. 1-3.

  The same numbers are used throughout the drawings to reference like features and components.

  Embodiments of secure instant messaging that provide techniques for enabling secure instant messaging communications are described. The messaging device can establish a peer-to-peer communication link with a receiving messaging device for real-time communication of secure communications, such as secure instant messaging. A messaging device can also establish that encrypted communications, such as instant messaging, are secure when communicating with a receiving messaging device over a peer-to-peer communication link.

  In an embodiment, digital rights management (DRM) is utilized to provide secure instant messaging. Digital rights management is a protocol established for protecting copyrights on digital media in order to prevent illegal distribution of content purchased on the Internet and online theft of commercial materials. Digital rights management is also commonly used to encrypt content and then store it in a document. When applied to secure instant messaging, the digital rights management protocol provides at least identity validation, encryption key distribution, and cryptographic integration for real-time communication. In addition, the digital rights management service implemented with secure instant messaging inherently provides for authenticating the personal information of the messaging devices. The digital rights management service issues use and issuance authorizations only for known and authenticated individual information.

  The messaging device first establishes that the encrypted communication with the receiving messaging device is secure by encrypting a randomly generated application identifier and generating an encrypted application message. The encrypted application message is then communicated to the receiving messaging device over the peer-to-peer communication link, and the receiving messaging device decrypts it. The receiving messaging device encrypts the application identifier in a response and sends this response back to the messaging device. The messaging device decrypts the response and verifies that the received application identifier matches the application identifier that was originally sent to the receiving messaging device. This establishes, for each messaging device, that the other's individual information is secure and that communications can be encrypted and transmitted securely over the peer-to-peer communication link.

  Although aspects of the secure instant messaging system and method described above can be implemented in any number of different computing systems, environments, and/or configurations, secure instant messaging embodiments are described in the context of the following example system architecture.

  FIG. 1 shows an example of a messaging system 100 that can implement a secure instant messaging embodiment. Messaging system 100 includes a messaging service 102 and any number of messaging-enabled devices 104 (1-N). The messaging devices 104 (1-N) are each configured to communicate with the messaging service 102 through a communication network 106, such as an intranet, the Internet, or a mobile network. Messaging service 102 and/or messaging devices 104 (1-N) can also be implemented using any one or combination of the components described with reference to the example computing and/or messaging device 600 shown in FIG. 6.

  For example, the messaging device 104 can be implemented in any number of embodiments, including computing devices, mobile messaging devices, home appliances, gaming system consoles, entertainment system components, cell phones, and any other type of messaging device that can be implemented in a messaging system. The messaging devices 104 (1-N) can also represent a user at the messaging device 104, other devices, and/or a software application that implements a secure instant messaging embodiment.

  Communication network 106 may be implemented as any one or combination of a wide area network (WAN), a local area network (LAN), a wireless network, a public telephone network, an intranet, and the like. Although shown as a single communication network, the network 106 may be implemented using any type of network topology and any network communication protocol, and can be represented or implemented as a combination of two or more networks. Digital networks can include various hardwire and/or wireless links, routers, gateways, etc. to facilitate communication between messaging service 102 and client systems 104 (1-N).

  In this example, messaging device 104 (1) and messaging device 104 (N) are also configured for direct communication through peer-to-peer network 108, so that the messaging devices 104 (1-N) can exchange real-time communications, such as instant messaging. Peer-to-peer network 108 may be implemented as a separate and independent communication link from communication network 106. In addition, the peer-to-peer network 108 can be implemented using any type of network topology and any network communication protocol, and can be represented or implemented as a combination of two or more networks.

  Each of the messaging devices 104 (1-N) includes one or more processors 110 (1-N) (e.g., any of a microprocessor, controller, etc.), which process various computer-executable instructions to control the operation of the messaging device 104, to communicate with other electronic and computing devices, and to provide secure instant messaging embodiments. Each of the messaging devices 104 (1-N) also includes a respective messaging application 112 (1-N), which can be executed on the processor 110 so that the messaging device 104 (1) can participate in instant messaging sessions with other messaging devices, such as messaging device 104 (N), via instant messages, multimedia exchanges, voice communications, avatars (e.g., visual representations), etc. Instant messages (or other communications) are exchanged through the peer-to-peer network 108 in real time (or in near real time, since there may be negligible delay in processing and data transfer). Typically, instant messages are delivered in real time, but delayed delivery may be used, such as by recording messages when the messaging device 104 is offline or otherwise unavailable.

  The messaging service 102 includes a messaging manager 114, which may be implemented in some cases to facilitate instant messaging sessions between messaging devices 104 (1-N). In one embodiment, the messaging manager can route instant messages between messaging devices 104 (1-N), such as when messaging device 104 (1) generates an instant message to communicate to messaging device 104 (N). The instant message is routed from the messaging device 104 (1) via the communication network 106 to the messaging manager 114, which then routes the instant message via the communication network 106 to messaging device 104 (N). Messaging device 104 (N) receives the instant message and executes messaging application 112 (N) to display the instant message. Alternatively, the instant message can be communicated directly from messaging device 104 (1) to messaging device 104 (N) via peer-to-peer network 108 without using messaging service 102.

  Each of the messaging devices 104 (1-N) includes a respective encryption module 116 (1-N) to provide secure instant messaging. This will be further described with reference to example messaging systems 200 and 300 shown in FIGS. Although the messaging system 100 illustrates a secure instant messaging implementation, this environment is exemplary only. The secure instant messaging mechanism described here is platform independent, and the instant messaging techniques can be implemented on various commercial computing platforms with various processors, memory elements, and various other components.

  For example, although messaging application 112 and encryption module 116 are shown as separate applications in each messaging device 104, the messaging application 112 can be implemented to include the encryption module 116 so as to form a multi-functional component of the messaging device 104. Further, although each of messaging application 112 and encryption module 116 is shown and described as one application configured to implement a secure instant messaging embodiment at the respective messaging device 104, either or both of the messaging application 112 and the encryption module 116 can also be distributed across several component applications, each performing one or more functions in the messaging device 104 and/or messaging system 100.

  FIG. 2 shows an example of a messaging system 200 that can implement a secure instant messaging embodiment and includes the components of the messaging system shown in FIG. In system 200, messaging devices 104 (1-N) each include a respective messaging application 112 (1-N) and an encryption module 116 (1-N). This is as described with reference to FIG. In addition, the messaging devices 104 (1 -N) are each implemented to communicate and exchange real-time communications, such as instant messaging, through the peer-to-peer network 108.

  Messaging application 112 (1) at messaging device 104 (1) includes and/or generates various communications and data 202. Similarly, messaging application 112 (N) includes and/or generates various communications and data 204. In various embodiments of secure instant messaging, communications and data 202, 204 associated with each messaging application 112 (1-N) can include any one or combination of instant messages, real-time peer-to-peer communications, file transfers, image transfers, text-based communication, audio communication, video communication, or audio/video communication, all of which can be communicated through peer-to-peer network 108 as encrypted or otherwise secure communications.

  In an embodiment, each of the encryption modules 116 (1-N) in the messaging devices 104 (1-N) may include a respective digital rights management (DRM) service 206 (1-N), which can be used to implement secure instant messaging embodiments. Each messaging device 104 (1-N) includes a respective memory 208 (1-N) that maintains contacts 210 (1-N) and encrypted data 212 (1-N) for the respective messaging device 104 (1-N). Memory 208 may be implemented as any form of computer readable media and combinations thereof and will be described with reference to the example computing and/or messaging device 600 shown in FIG.

  A contact 210 of an individual messaging device 104 can identify a user of another messaging device 104 with which that messaging device user communicates. For example, the memory 208 (1) of the messaging device 104 (1) can maintain a contact 210 (1) that identifies the messaging device 104 (N) and/or the user at the messaging device 104 (N). Similarly, memory 208 (N) of messaging device 104 (N) can maintain a contact 210 (N) that identifies the messaging device 104 (1) and/or the user at messaging device 104 (1).

  The encryption module 116 at the messaging device (e.g., messaging device 104 (1)) can be implemented to determine the validity of the individual information of the receiving messaging device (e.g., messaging device 104 (N)) and to establish that an encrypted communication, such as an instant message, is secure when communicated with the receiving messaging device through the peer-to-peer network 108. In secure instant messaging embodiments, the digital rights management service 206 is utilized to encrypt and exchange secure communications and instant messages. This will be described with reference to FIG. In addition, the digital rights management service 206 authenticates the individual information of the messaging devices 104 (1-N) prior to establishing the peer-to-peer communication link 108, and issues use and issuance authorizations only for known and authenticated individual information. Other rights management protocols can be utilized to implement secure instant messaging embodiments as well.

  FIG. 3 shows an example of a messaging system 300 that can implement a secure instant messaging embodiment and includes the components of the messaging systems 100 and 200 shown in FIGS. In system 300, messaging devices 104 (1-N) each include a respective messaging application 112 (1-N) and encryption module 116 (1-N), as described above with reference to FIGS. In addition, messaging devices 104 (1-N) are each implemented to communicate and exchange real-time communications, such as instant messages, through peer-to-peer network 108.

  In this example, the messaging device 104 (1) can determine the validity of the personal information of the messaging device 104 (N) (also referred to as the receiving messaging device) and establish that the encrypted communication 202 is secure when communicated from the messaging device 104 (1) to the receiving messaging device 104 (N) through the peer-to-peer network 108. In an alternative embodiment, the digital rights management service 206 inherently provides for authenticating the personal information of the messaging devices 104 (1-N) for secure instant messaging communication.

  The encryption module 116 (1) at the messaging device 104 (1) can encrypt the randomly generated application identifier 302 to generate an encrypted application message 308. In an embodiment utilizing the digital rights management service 206, the encryption module 116 (1) in the messaging device 104 (1) can use an encryption key 304 embedded in the issuance authorization 306 of the digital rights management service 206 (1) to encrypt the randomly generated application identifier 302 and generate the encrypted application message 308. In a secure instant messaging embodiment, the encryption key 304 is implemented as a “self-trusting key”, so that a self-trusted peer-to-peer system can be established for message transmission between the messaging devices 104 (1-N).

  The messaging application 112 (1) of the messaging device 104 (1) communicates (310) the encrypted application message 308 over the peer-to-peer network 108 to the messaging application 112 (N) at the receiving messaging device 104 (N). The encryption module 116 (N) at the messaging device 104 (N) decrypts the encrypted application message 308 and, in response, encrypts the application identifier as a response application identifier 312 to generate an encrypted application response 314. In an embodiment using the digital rights management service 206, the response application identifier 312 is encrypted with the encryption key 316. The encryption key 316 is embedded in the receiving messaging device's own version of the issuance authorization 318 of the digital rights management service 206 (N).

  Messaging application 112 (N) of messaging device 104 (N) communicates (320) the encrypted application response 314 to messaging application 112 (1) at messaging device 104 (1) over peer-to-peer network 108. The encryption module 116 (1) of the messaging device 104 (1) can decrypt the response (i.e., the encrypted application response 314) and verify that the received application identifier (i.e., the response application identifier 312) matches the application identifier 302 originally sent to the receiving messaging device 104 (N). This establishes, for each of the messaging devices 104 (1-N), that the other's individual information is secure and that instant messages can be encrypted and communicated securely through the peer-to-peer network 108.

  Messaging device 104 (1) can now rely on messaging device 104 (N) being able to decrypt messages sent directly via peer-to-peer network 108, can decrypt messages received directly from the messaging device 104 (N) via the peer-to-peer network 108, and can rely on the established personal information of the messaging device 104 (N) and/or of a user at the messaging device 104 (N). The messaging device 104 (1) can also assert that an encrypted message sent directly to the messaging device 104 (N) can only be decrypted by the messaging device 104 (N). The messaging device 104 (N) can initiate the same validation sequence as described above to establish the personal information of the messaging device 104 (1) and to retrieve the usage authorization for decrypting future communications from the messaging device 104 (1).

  For example, messaging application 112 (1) at messaging device 104 (1) may generate an instant message 202 for communication to messaging device 104 (N). The encryption module 116 (1) can encrypt the instant message 202 using the encryption key 304 embedded in the issuance authorization 306 associated with the messaging device 104 (N) to generate an encrypted communication. The messaging application 112 (1) can then communicate the encrypted communication to the receiving messaging device 104 (N) through the peer-to-peer network 108.

  The digital rights management service 206, in conjunction with the encryption module 116 at the messaging device 104, can also include a control policy 322 (also referred to as “user rights”), such as the control policy 322 (1-N) at each messaging device 104 (1-N). The control policy 322 (1-N) can specify the extent to which the receiving messaging device, or a user of the receiving messaging device, can maintain a communication for future reference, use the communication, and distribute the communication after decryption. The control policy 322 can also exclude distribution and/or use of the communication together with any additional data associated with the communication.

  For example, the messaging device 104 (1) can encrypt the instant message 202 to generate an encrypted instant message that includes a control policy 322 (1) controlling the use of the instant message when it is received and decrypted at the receiving messaging device 104 (N). Use of the instant message can be restricted so that the receiving messaging device 104 (N) cannot store the message data offline, print a screen of the message, or copy and paste the content of the message. The control policy 322 (1) may also place restrictions on the viewing of the message and/or provide that, after a period of time, the message expires and is deleted.
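
  The identifier exchange between devices 104 (1) and 104 (N) and the policy-carrying message described above can be sketched as follows; this is an added example, not code from the patent or from any Microsoft product. It assumes one pre-shared key per direction as a stand-in for the keys 304 and 316 embedded in the issuance authorizations, an HMAC-based encrypt-then-MAC construction as a standard-library stand-in for the DRM encryption, and hypothetical names throughout (`Device`, `seal`, `unseal`, and the policy fields `allow_copy`, `allow_save`, `expires_at`).

```python
import hashlib
import hmac
import json
import secrets


def _mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode as a keystream: a stdlib stand-in, not the DRM cipher.
    return b"".join(_mac(key, nonce + i.to_bytes(4, "big")) for i in range((n + 31) // 32))[:n]


def seal(key: bytes, plaintext: bytes, aad: bytes = b"") -> bytes:
    """Encrypt-then-MAC. aad is authenticated but travels in the clear."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _stream(_mac(key, b"enc"), nonce, len(plaintext))))
    tag = _mac(_mac(key, b"mac"), len(aad).to_bytes(4, "big") + aad + nonce + ct)
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes, aad: bytes = b"") -> bytes:
    """Check the tag, then decrypt. Raises ValueError on a wrong key or altered data."""
    if len(blob) < 48:
        raise ValueError("truncated message")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = _mac(_mac(key, b"mac"), len(aad).to_bytes(4, "big") + aad + nonce + ct)
    if not hmac.compare_digest(tag, want):
        raise ValueError("authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _stream(_mac(key, b"enc"), nonce, len(ct))))


class Device:
    """One messaging device (hypothetical model). out_key stands for the key in the
    issuance authorization it encrypts with; in_key for what its usage
    authorization lets it decrypt."""

    def __init__(self, out_key: bytes, in_key: bytes):
        self.out_key, self.in_key = out_key, in_key
        self._pending = None

    def start(self) -> bytes:
        self._pending = secrets.token_bytes(16)       # random identifier, kept in memory
        return seal(self.out_key, self._pending)      # encrypted application message

    def respond(self, message: bytes) -> bytes:
        ident = unseal(self.in_key, message)          # receiver decrypts the identifier
        return seal(self.out_key, ident)              # and re-encrypts it under its own key

    def verify(self, response: bytes) -> bool:
        pending, self._pending = self._pending, None  # each identifier is single-use
        if pending is None:
            return False
        try:
            ident = unseal(self.in_key, response)
        except ValueError:
            return False
        return hmac.compare_digest(ident, pending)    # constant-time match check

    def send(self, text: str, policy: dict) -> tuple:
        aad = json.dumps(policy, sort_keys=True).encode()
        return aad, seal(self.out_key, text.encode(), aad)

    def receive(self, aad: bytes, blob: bytes, now: float) -> tuple:
        text = unseal(self.in_key, blob, aad).decode()  # fails if the policy was altered
        policy = json.loads(aad)
        if now >= policy["expires_at"]:
            raise PermissionError("message expired under its control policy")
        return text, policy


def demo() -> dict:
    # Constructed keys, one per direction, as if already licensed by the DRM service.
    k_1n, k_n1 = secrets.token_bytes(32), secrets.token_bytes(32)
    dev1 = Device(out_key=k_1n, in_key=k_n1)          # messaging device 104 (1)
    devn = Device(out_key=k_n1, in_key=k_1n)          # receiving messaging device 104 (N)
    out = {"honest": dev1.verify(devn.respond(dev1.start()))}
    out["reflected"] = dev1.verify(dev1.start())      # own message echoed back unchanged
    one_key = Device(out_key=k_1n, in_key=k_1n)       # counter-example: same key both ways
    out["reflected_if_one_key"] = one_key.verify(one_key.start())
    stale = devn.respond(dev1.start())
    dev1.start()                                      # a new run replaces the identifier
    out["replayed"] = dev1.verify(stale)
    out["impostor"] = dev1.verify(seal(secrets.token_bytes(32), secrets.token_bytes(16)))
    policy = {"allow_copy": False, "allow_save": False, "expires_at": 2000.0}
    aad, blob = dev1.send("lunch at noon?", policy)
    out["delivered"] = devn.receive(aad, blob, now=1999.0)[0]
    try:
        devn.receive(aad.replace(b"2000.0", b"9000.0"), blob, now=1999.0)
        out["policy_tamper"] = "accepted"
    except ValueError:
        out["policy_tamper"] = "rejected"
    return out
```

  The `reflected_if_one_key` case shows why it matters that the response is encrypted under a different key (316) than the original message (304): with a single shared key, echoing the first message back would satisfy the match check.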

  Secure instant messaging methods, such as example methods 400 and 500 described with reference to FIGS. 4 (A and B) and FIG. 5, respectively, can also be described in the general context of computer-executable instructions. Generally, computer-executable instructions can include routines, programs, objects, components, data structures, procedures, modules, functions, etc. that perform specific functions or implement specific abstract data types. The method can also be practiced in distributed computing environments where functions are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, computer-executable instructions can be located in both local and remote computer storage media including memory storage devices.

  FIG. 4 (A and B) shows an example of a method 400 for secure instant messaging. The order in which the methods are described is not intended to be construed as limiting, and the method blocks described may be combined in any number and in any order to implement the method. Moreover, the method can be implemented in any suitable hardware, software, firmware, or combination thereof.

  At block 402 (FIG. 4A), an application identifier is randomly generated, and at block 404, the application identifier is stored in memory. For example, the encryption module 116 (1) at the messaging device 104 (1) can randomly generate the application identifier 302 and store it in the memory 208 (1) as encrypted data 212 (1). At block 406, the application identifier is encrypted to generate an encrypted application message. For example, the encryption module 116 (1) in the messaging device 104 (1) encrypts the randomly generated application identifier 302 and generates an encrypted application message 308. In one embodiment, the application identifier 302 can be encrypted with the encryption key 304 embedded in the issuance authorization of the digital rights management service 206 (1) to generate an encrypted application message 308.

  At block 408, the issuance authorization is associated with the receiving messaging device, and at block 410, the issuance authorization is stored in memory to encrypt communications destined for the receiving messaging device. For example, the issuance authorization 306 at messaging device 104 (1) is associated with messaging device 104 (N) and stored in memory 208 (1) for future reference. At block 412, the encrypted application message is communicated to the receiving messaging device over a peer-to-peer communication link. For example, messaging application 112 (1) of messaging device 104 (1) communicates the encrypted application message 308 through peer-to-peer communication link 108 to messaging application 112 (N) at receiving messaging device 104 (N).

  At block 414, the encrypted application message is decrypted. For example, the encryption module 116 (N) at the receiving messaging device 104 (N) decrypts the encrypted application message 308. In one embodiment, the recipient messaging device 104 (N) decrypts the encrypted application message 308 using a usage authorization that corresponds to the issuance authorization and is obtained from the digital rights management service 206 (N). At block 416, the application identifier is encrypted as a response application identifier to generate an encrypted application response. For example, the encryption module 116 (N) at the messaging device 104 (N) encrypts the application identifier as a response application identifier 312 and generates an encrypted application response 314. In one embodiment, the response application identifier 312 may be encrypted using an encryption key 316 embedded in the receiving messaging device's own version of the digital rights management service 206 (N) issuance authorization 318.

  At block 418 (FIG. 4B), an encrypted application response is received from the receiving messaging device. For example, messaging application 112 (1) of messaging device 104 (1) receives encrypted application response 314 from messaging application 112 (N) of messaging device 104 (N) over peer-to-peer communication link 108. At block 420, the encrypted application response is decrypted. For example, the encryption module 116 (1) of the messaging device 104 (1) decrypts (320) the encrypted application response 314 received from the receiving messaging device 104 (N).

  At block 422, a usage authorization corresponding to the issuance authorization is obtained to decrypt communications received from the receiving messaging device. For example, a usage authorization corresponding to the issuance authorization 318 received from the receiving messaging device 104 (N) is obtained and stored in the memory 208 (1) at the messaging device 104 (1) to decrypt future communications received from the messaging device 104 (N). At block 424, the reply application identifier is verified to match the application identifier, which establishes that communications are secure when communicated over the peer-to-peer communication link. For example, the encryption module 116 (1) of the messaging device 104 (1) verifies that the reply application identifier 312 matches the application identifier 302 originally sent to the receiving messaging device 104 (N).

  At block 426, the communication is encrypted using the issuance authorization associated with the receiving messaging device to generate an encrypted communication. For example, the messaging application 112 (1) at the messaging device 104 (1) can generate an instant message 202 for communication to the messaging device 104 (N). At block 428, the encrypted communication is communicated to the receiving messaging device over a peer-to-peer communication link for real-time communication. For example, messaging application 112 (1) communicates the encrypted communication to receiving messaging device 104 (N) through peer-to-peer network 108 for (substantially) real-time communication. The secure communication carried through the peer-to-peer communication link can include any one or combination of instant messaging, real-time peer-to-peer communication, file transfer, image transfer, text communication, audio communication, video communication, or audio/video communication.

  At block 430, an encrypted communication is received from the receiving messaging device over a peer-to-peer communication link. For example, messaging application 112 (1) at messaging device 104 (1) receives encrypted communication 204 from messaging device 104 (N) over peer-to-peer communication link 108. At block 432, the encrypted communication is decrypted using the usage authorization corresponding to the issuance authorization received from the receiving messaging device with the encrypted application response. For example, the encryption module 116 (1) decrypts the encrypted communication using the use authorization corresponding to the issuance authorization 318 received from the messaging device 104 (N).
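The exchange of blocks 402 to 424 can be traced in a short simulation, added here as an illustration and not taken from the patent text. ToyRightsService, seal/unseal, the message layout and the device names are assumptions, and the keyed-hash cipher is only a stand-in for whatever encryption the digital rights management service actually provides.

```python
import hashlib
import hmac
import secrets

def _keystream(key, nonce, length):
    # HMAC-SHA256 in counter mode; stand-in only, use a vetted AEAD in practice.
    out, counter = b"", 0
    while len(out) < length:
        block = b"enc" + nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]

def seal(key, plaintext):
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(key, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    """Check the tag before decrypting; ValueError on any modification."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

class ToyRightsService:
    """Assumed stand-in for DRM service 206: hands out issuance authorizations
    and releases the matching usage authorization only to the bound reader."""
    def __init__(self):
        self._grants = {}

    def issue(self, reader):
        auth = {"id": secrets.token_hex(8), "key": secrets.token_bytes(32)}
        self._grants[auth["id"]] = (auth["key"], reader)
        return auth

    def usage_authorization(self, auth_id, requester):
        key, reader = self._grants[auth_id]
        if requester != reader:
            raise PermissionError("no usage authorization for " + requester)
        return key

def make_challenge(issuance):
    # Blocks 402-412: random application identifier, encrypted for the peer.
    identifier = secrets.token_bytes(16)
    message = {"auth_id": issuance["id"], "blob": seal(issuance["key"], identifier)}
    return identifier, message

def answer_challenge(device, message, drm, own_issuance):
    # Blocks 414-416: decrypt, then re-encrypt under the responder's own authorization.
    key = drm.usage_authorization(message["auth_id"], device)
    identifier = unseal(key, message["blob"])
    return {"auth_id": own_issuance["id"], "blob": seal(own_issuance["key"], identifier)}

def verify_reply(device, identifier, reply, drm):
    # Blocks 418-424: decrypt the response and compare in constant time.
    try:
        key = drm.usage_authorization(reply["auth_id"], device)
        returned = unseal(key, reply["blob"])
    except (KeyError, PermissionError, ValueError):
        return False
    return hmac.compare_digest(returned, identifier)

def demo():
    drm = ToyRightsService()
    auth_306 = drm.issue(reader="device_N")  # held by device 1
    auth_318 = drm.issue(reader="device_1")  # held by device N
    identifier, challenge = make_challenge(auth_306)
    reply = answer_challenge("device_N", challenge, drm, auth_318)
    ok = verify_reply("device_1", identifier, reply, drm)
    # A reply recorded in one session fails against a fresh identifier.
    fresh_identifier, _ = make_challenge(auth_306)
    replayed = verify_reply("device_1", fresh_identifier, reply, drm)
    # A single flipped bit in the response is rejected by the tag check.
    blob = reply["blob"]
    bad = dict(reply, blob=blob[:-1] + bytes([blob[-1] ^ 1]))
    tampered = verify_reply("device_1", identifier, bad, drm)
    # A device without the usage authorization cannot produce a reply.
    try:
        answer_challenge("device_X", challenge, drm, auth_318)
        outsider = True
    except PermissionError:
        outsider = False
    return ok, replayed, tampered, outsider

if __name__ == "__main__":
    print(demo())
```

The match at block 424 shows that the peer could decrypt the current identifier; it is the randomness of that identifier that makes a recorded response useless in a later session.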

  FIG. 5 shows an example of a method 500 for secure instant messaging. The order in which the methods are described is not intended to be construed as limiting, and the method blocks described can be combined in any number and in any order to implement the method. Further, the method can be implemented with any suitable hardware, software, firmware, or combination thereof.

  At block 502, a peer-to-peer communication link is established for real-time transmission of secure communication with the receiving messaging device. For example, the messaging application 112 (1) at the messaging device 104 (1) establishes the peer-to-peer communication link 108 for (substantially) real-time transmission of secure communications 204 (e.g., instant messages). At block 504, encrypted communication is established to be secure when communicated with the receiving messaging device over the peer-to-peer communication link. This has been described with reference to FIGS. 4 (A and B).

  At block 506, the communication is encrypted to include a control policy to restrict the distribution and/or use of the communication when received at the receiving messaging device. For example, the messaging application 112 (1) at the messaging device 104 (1) can encrypt the instant message 202 to generate an encrypted instant message that includes a control policy 322 (1) restricting the distribution and/or use of the instant message when it is received and decrypted at the receiving messaging device 104 (N).

  In this example, the communication can include any one or combination of instant messaging, real-time peer-to-peer communication, file transfer, image transfer, text-based communication, audio communication, video communication, or audio/video communication. The control policy can specify the degree to which the receiving messaging device, or a user of the receiving messaging device, can maintain the communication for future reference and/or distribute the communication after decrypting it. The control policy can also exclude the distribution of the communication together with any additional data associated with the communication, and can specify that the validity of the communication application at the receiving messaging device be verified by the digital rights management service for the encrypted communication to be decrypted.

  At block 508, the encrypted communication is communicated to the receiving messaging device over the peer-to-peer communication link. For example, the messaging application 112 (1) at the messaging device 104 (1) can generate an instant message 202 having a control policy 322 for communication to the messaging device 104 (N). In one embodiment, the encryption module 116 (1) may use the issuance authorization 306 associated with the messaging device 104 (N) to encrypt the instant message 202 and generate an encrypted communication. The messaging application 112 (1) can then communicate the encrypted communication to the receiving messaging device 104 (N) through the peer-to-peer network.

  FIG. 6 illustrates various components of an example computing and / or messaging device 600 that can implement secure instant messaging embodiments. Further, the computing and / or messaging device 600 may be implemented as any one or more of the messaging devices 104 (1-N) described with reference to FIGS.

  The computing and/or messaging device 600 includes one or more media content inputs 602, which can include Internet Protocol (IP) inputs over which streams of media content are received via an IP-based network, an intranet, or the Internet. The device 600 further includes a communication interface 604. Communication interface 604 may be implemented as any one or more of a serial and/or parallel interface, a wireless interface, any type of network interface, a modem, and as any other type of communication interface. The wireless interface enables device 600 to receive control input commands and other information from an input device, such as a remote control device, PDA (Personal Digital Assistant), cellular phone, or other infrared (IR), 802.11, Bluetooth®, or similar RF input device.

  The network interface provides a connection between the computing and/or messaging device 600 and a communications network (e.g., communications network 106 or peer-to-peer network 108), which allows other electronic, computing, and messaging devices to communicate data with device 600. Similarly, serial and/or parallel interfaces provide for direct data communication between device 600 and other electronic, computing and/or messaging devices. The modem facilitates communication of the device 600 with other electronic and computing devices over conventional telephone lines, DSL connections, cables, and/or other types of connections.

  Computing and/or messaging device 600 also includes one or more processors 608 (e.g., any of a microprocessor, controller, etc.) that process various computer-executable instructions to control the operation of device 600, to communicate with other electronic and computing devices, and to implement embodiments of secure instant messaging. The device 600 can be implemented with a computer readable medium 610, such as one or more memory components, examples of which are random access memory (RAM), non-volatile memory (e.g., one or more of read only memory (ROM), flash memory, EPROM, EEPROM, etc.) and disk storage. The disk storage device can include any type of magnetic or optical storage device, such as a hard disk drive, a recordable and/or rewritable compact disk (CD), DVD, DVD+RW, and the like.

  Computer readable medium 610 provides a data storage mechanism that stores various information and/or data, such as software applications and any other type of information and data related to the manner of operation of computing and/or messaging device 600. For example, operating system 612 and/or other application programs 614, such as software applications, can be maintained using computer readable media 610 and executed on processor 608 to implement embodiments of secure instant messaging. For example, when implemented as a messaging device (e.g., any of messaging devices 104 (1-N)), computer readable media 610 maintains the messaging application 112 and the encryption module 116 to implement secure instant messaging embodiments.

  Computing and/or messaging device 600 also includes an audio and/or video output 616 that provides audio and video to an audio rendering and/or display system, which may be external to or integrated with device 600, or to other devices that process, display, and/or otherwise render audio, video, and display data. Video and audio signals can be communicated from device 600 to a display device through an RF (radio frequency) link, an S-video link, a composite video link, a component video link, an analog audio connection, or other similar communication link. Although not shown, a user can interface with device 600 through any number of different input devices, such as a keyboard and pointing device (e.g., a "mouse"). Other input devices may also include microphones, joysticks, game pads, controllers, serial ports, scanners, and/or any other type of input device that facilitates instant messaging.

  While embodiments of secure instant messaging have been described in terms specific to structural features and/or methods, it is to be understood that the subject matter of the appended claims is not necessarily limited to the specific mechanisms or methods described. Rather, these specific mechanisms and methods are disclosed only as example implementations of secure instant messaging.

Claims (20)

  1. Encrypting the application identifier to generate an encrypted application message;
    Communicating the encrypted application message to a receiving messaging device over a peer-to-peer communication link, wherein the receiving messaging device decrypts the encrypted application message and generates an encrypted application response; Encrypting the application identifier as a response application identifier;
    Receiving the encrypted application response from the receiving messaging device;
    Decrypting the encrypted application response;
    Verifying that the reply application identifier matches the application identifier to establish that the communication is secure when communicating over the peer-to-peer communication link;
    A method.
  2. The method of claim 1, further comprising:
    Randomly generating the application identifier;
    Storing the application identifier in a memory;
    A method.
  3. The method of claim 1, further comprising:
    Associating an issuance authorization with the receiving messaging device;
    Storing the issuance authorization in memory to encrypt communications destined for the receiving messaging device;
    A method.
  4. The method of claim 1, further comprising:
    Associating the issuance authorization with the receiving messaging device;
    Obtaining a use authorization corresponding to the issuance authorization;
    Storing the usage authorization to decrypt communications received from the receiving messaging device;
    A method.
  5. The method of claim 1, further comprising:
    Generating a communication to the recipient messaging device;
    Encrypting the communication with an encryption key embedded in an issuance authorization associated with the receiving messaging device to generate an encrypted communication;
    Communicating the encrypted communication to the receiving messaging device over a peer-to-peer communication link, the receiving messaging device decrypting the encrypted communication;
    A method.
  6. The method of claim 1, further comprising:
    Receiving encrypted communication from the receiving messaging device over the peer-to-peer communication link;
    Decrypting the encrypted communication with a usage authorization corresponding to an issuance authorization associated with the receiving messaging device;
    A method.
  7. The method of claim 1, wherein the secure communication communicated over the peer-to-peer communication link comprises an instant message.
  8. The method of claim 1, wherein the secure communication communicated over the peer-to-peer communication link comprises substantially real-time peer-to-peer communication.
  9. The method of claim 1, wherein the secure communication communicated over the peer-to-peer communication link comprises at least one of instant messaging, file transfer, image transfer, text-based communication, audio communication, video communication, or audio/video communication.
  10. An instant messaging system,
    A peer-to-peer communication link;
    A first messaging device configured to establish that an encrypted instant message is secure when communicated from the first messaging device to a second messaging device over the peer-to-peer communication link;
    An instant messaging system.
  11. The instant messaging system of claim 10, wherein the first messaging device is further configured to establish that encrypted communications are secure when communicated over the peer-to-peer communication link, the encrypted communications including at least one of file transfer, image transfer, text-based communication, audio communication, video communication, or audio/video communication.
  12. The instant messaging system of claim 10, wherein the second messaging device is configured to establish that encrypted instant messages are secure when communicated from the second messaging device to the first messaging device over the peer-to-peer communication link.
  13. The instant messaging system of claim 10, wherein:
    The first messaging device is further configured to encrypt an application identifier to generate an encrypted application and to communicate the encrypted application to the second messaging device over the peer-to-peer communication link;
    The second messaging device is configured to decrypt the encrypted application, to encrypt the application identifier as a response application identifier to generate an encrypted application response, and to communicate the encrypted application response to the first messaging device over the peer-to-peer communication link; and
    The first messaging device is further configured to decrypt the encrypted application response and to verify that the reply application identifier matches the application identifier, to establish that the encrypted instant message is secure when communicated over the peer-to-peer communication link.
  14. The instant messaging system of claim 13, wherein the first messaging device further comprises:
    Encrypting the application identifier with an encryption key embedded in an issuance authorization associated with the second messaging device to generate the encrypted application;
    Obtain a use authorization corresponding to the issuance authorization,
    Decrypting the encrypted application response with the use authorization;
    An instant messaging system that is configured as follows:
  15. The instant messaging system of claim 13, wherein the first messaging device is further configured to randomly generate the application identifier.
  16. The instant messaging system of claim 13, wherein the first messaging device further comprises:
    Associating an issuance authorization with the second messaging device;
    Maintain the issuance authorization to encrypt instant messages;
    To generate an encrypted instant message, encrypt the instant message with an encryption key embedded in the issuance authorization;
    Communicating the encrypted instant message to the second messaging device over the peer-to-peer communication link;
    An instant messaging system that is configured as follows:
  17. The instant messaging system of claim 13, wherein the first messaging device further comprises:
    Obtaining a usage authorization corresponding to an issuance authorization associated with the second messaging device;
    Maintain the authorization to decrypt the encrypted instant message,
    Receiving an encrypted instant message from the second messaging device over the peer-to-peer communication link;
    Decrypting the encrypted instant message with the usage authorization;
    An instant messaging system that is configured as follows:
  18. One or more computer-readable media,
    When executed
    Encrypt the application identifier to generate an encrypted application message,
    Communicating the encrypted application message to the receiving messaging device over a peer-to-peer communication link;
    Decrypting the encrypted application response from the receiving messaging device;
    Verifying that the response application identifier received in the encrypted application response matches the application identifier to establish that the instant message is secure when communicated over the peer-to-peer communication link;
    A computer-readable medium comprising computer-executable instructions for instructing an instant messaging device to do so.
  19. One or more computer readable media as recited in claim 18, further comprising:
    Associating an issuance authorization with the receiving messaging device;
    Maintaining the issuance authorization to encrypt communications destined for the receiving messaging device;
    Obtain a use authorization corresponding to the issuance authorization,
    Maintaining the authorization to decrypt communications received from the receiving messaging device;
    A computer-readable medium comprising computer-executable instructions for instructing an instant messaging device to do so.
  20. One or more computer readable media as recited in claim 18, further comprising:
    Generating an instant message for transmission to the recipient messaging device;
    Encrypting the instant message with an encryption key embedded in an issuance authorization associated with the recipient messaging device to generate an encrypted instant message;
    Communicating the encrypted instant message to the receiving messaging device as a secure communication over a peer-to-peer communication link;
    Receiving a second encrypted communication as a secure communication from the receiving messaging device over the peer-to-peer communication link;
    Decrypting the second encrypted instant message with a usage authorization corresponding to an issuance authorization associated with the receiving messaging device;
    A computer-readable medium comprising computer-executable instructions for instructing an instant messaging device to do so.
JP2012157246A 2005-06-30 2012-07-13 Secure instant messaging Active JP5896850B2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US11/172,425 2005-06-30
US11/172,425 US7949138B2 (en) 2005-06-30 2005-06-30 Secure instant messaging

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
JP2008519295 Division 2006-05-12

Publications (2)

Publication Number Publication Date
JP2012212468A (en) 2012-11-01
JP5896850B2 (en) 2016-03-30

Family

ID=37589555

Family Applications (3)

Application Number Title Priority Date Filing Date
JP2008519295A Active JP5713531B2 (en) 2005-06-30 2006-05-12 Secure instant messaging
JP2012157246A Active JP5896850B2 (en) 2005-06-30 2012-07-13 Secure instant messaging
JP2015032792A Active JP6312616B2 (en) 2005-06-30 2015-02-23 Secure instant messaging

Family Applications Before (1)

Application Number Title Priority Date Filing Date
JP2008519295A Active JP5713531B2 (en) 2005-06-30 2006-05-12 Secure instant messaging

Family Applications After (1)

Application Number Title Priority Date Filing Date
JP2015032792A Active JP6312616B2 (en) 2005-06-30 2015-02-23 Secure instant messaging

Country Status (9)

Country Link
US (1) US7949138B2 (en)
EP (1) EP1897265A4 (en)
JP (3) JP5713531B2 (en)
KR (1) KR20080031692A (en)
CN (1) CN101208900B (en)
BR (1) BRPI0613075A2 (en)
MX (1) MX2007016219A (en)
RU (1) RU2419222C2 (en)
WO (1) WO2007005117A2 (en)

Also Published As

Publication number Publication date
BRPI0613075A2 (en) 2010-12-21
WO2007005117A2 (en) 2007-01-11
RU2007149084A (en) 2009-07-10
US20070003066A1 (en) 2007-01-04
MX2007016219A (en) 2008-03-07
JP5713531B2 (en) 2015-05-07
EP1897265A2 (en) 2008-03-12
KR20080031692A (en) 2008-04-10
JP5896850B2 (en) 2016-03-30
CN101208900B (en) 2011-05-18
EP1897265A4 (en) 2014-01-08
JP6312616B2 (en) 2018-04-18
US7949138B2 (en) 2011-05-24
CN101208900A (en) 2008-06-25
JP2015133130A (en) 2015-07-23
JP2009500904A (en) 2009-01-08
RU2419222C2 (en) 2011-05-20
WO2007005117A3 (en) 2007-11-08

Similar Documents

Publication Publication Date Title
US8255690B2 (en) Apparatus and method for group session key and establishment using a certified migration key
US7039713B1 (en) System and method of user authentication for network communication through a policy agent
US7917946B2 (en) Method and network for securely delivering streaming data
US8166300B2 (en) Extending the DRM realm to external devices
Hardjono et al. The multicast group security architecture
CN101064598B (en) Method for encrypting and deciphering client instant communication data
JP4723251B2 (en) Safe embedded with the use of device-specific security data
EP2021938B1 (en) Policy driven, credential delegation for single sign on and secure access to network resources
US7290132B2 (en) Establishing secure peer networking in trust webs on open networks using shared secret device key
US7426271B2 (en) System and method for establishing secondary channels
CN1148926C (en) Method, system and cipher system for making agent host computer participate secret communication
US7031473B2 (en) Network architecture for secure communications between two console-based gaming systems
EP1564622A2 (en) Conditional access to digital rights management conversion
US8214649B2 (en) System and method for secure communications between at least one user device and a network entity
EP1267548A2 (en) Method and system for integrating security mechanisms into session initiation protocol request messages for client-proxy authentication
CN1820482B (en) Method for generating and managing a local area network
EP1475938B1 (en) Web access to secure data
US7409455B2 (en) Security and support for flexible conferencing topologies spanning proxies, firewalls and gateways
JP5047291B2 (en) Method and system for providing authentication services to Internet users
US8752162B2 (en) Secure sharing of transport layer security session keys with trusted enforcement points
US7769172B2 (en) Methods and systems for secure distribution of subscription-based game software
US20050204038A1 (en) Method and system for distributing data within a network
JP4481574B2 (en) Method for authenticating a communication over a network medium
US20100316219A1 (en) Systems and methods for simultaneous integrated multiencrypted rotating key communication
US8086847B2 (en) Computer program product and computer system for peer-to-peer communications

Legal Events

Date Code Title Description
A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20120802

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20120802

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20131031

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20131128

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20140226

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20140331

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20140623

A02 Decision of refusal

Free format text: JAPANESE INTERMEDIATE CODE: A02

Effective date: 20141022

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20150223

A911 Transfer of reconsideration by examiner before appeal (zenchi)

Free format text: JAPANESE INTERMEDIATE CODE: A911

Effective date: 20150302

A912 Removal of reconsideration by examiner before appeal (zenchi)

Free format text: JAPANESE INTERMEDIATE CODE: A912

Effective date: 20150320

A711 Notification of change in applicant

Free format text: JAPANESE INTERMEDIATE CODE: A711

Effective date: 20150508

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20151221

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20160301

R150 Certificate of patent or registration of utility model

Ref document number: 5896850

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250